diff options
| author | drduh <github@duh.to> | 2019-06-09 11:42:00 -0700 |
|---|---|---|
| committer | drduh <github@duh.to> | 2019-06-09 11:42:00 -0700 |
| commit | 09f3822a19985f2cccfed462b73b454e415047a8 (patch) | |
| tree | 20c6d43b43b15870717c1b62cfe0ab071bf6340b /README.md | |
| parent | Merge pull request #113 from jakkn/master (diff) | |
| download | YubiKey-Guide-09f3822a19985f2cccfed462b73b454e415047a8.tar.gz | |
Link to multiple keys discussions. Fix #19. Fix #112.
Diffstat (limited to '')
| -rw-r--r-- | README.md | 12 |
1 files changed, 7 insertions, 5 deletions
@@ -46,7 +46,7 @@ If you have a comment or suggestion, please open an [Issue](https://github.com/d - [Prerequisites](#prerequisites) - [WSL configuration](#wsl-configuration) - [Remote host configuration](#remote-host-configuration) -- [Multiple keys](#Multiple-keys) +- [Multiple Keys](#multiple-keys) - [Require touch](#require-touch) - [Email](#email) - [Reset](#reset) @@ -1783,11 +1783,11 @@ On the remote host, type `ssh-add -l` - if you see the ssh key, that means forwa **Note** Agent forwarding may be chained through multiple hosts - just follow the same [protocol](#remote-host-configuration) to configure each host. -# multiple keys +# Multiple Keys -GnuPG doesn't store the serial number of the first key it has seen - [#T2291](https://dev.gnupg.org/T2291). +If a you want to use multiple YubiKeys with a single identity - or to replace a lost card with another, delete the GnuPG shadowed key - where the card serial number is stored (see [GnuPG #T2291](https://dev.gnupg.org/T2291)). -If a YubiKey is lost and replaced, delete GnuPG's shadowed key - where the serial number is stored. Find the `Keygrip` number of each key: +Find the `Keygrip` number of each key: ```console $ gpg --with-keygrip -k $KEYID @@ -1806,7 +1806,7 @@ sub rsa4096/0x3F29127E79649A3D 2017-10-09 [A] [expires: 2018-10-09] Then delete all the shadow keys using their `Keygrip` number: ```console -$ cd .gnupg/private-keys-v1.d +$ cd ~/.gnupg/private-keys-v1.d $ rm 85D44BD52AD45C0852BD15BF41161EE9AE477398.key \ A0AA3D9F626BDEA3B833F290C7BCA79216C8A996.key \ @@ -1819,6 +1819,8 @@ Insert the new YubiKey and re-generate shadow-keys by checking card status: $ gpg --card-status ``` +See discussion in Issues [#19](https://github.com/drduh/YubiKey-Guide/issues/19) and [#112](https://github.com/drduh/YubiKey-Guide/issues/112) for more information and troubleshooting steps. + # Require touch **Note** This is not possible on YubiKey NEO. |